Merge branch 'security-fixes' into fixes

2 files changed, 8 insertions, 4 deletions

diff --git a/arch/arm/kernel/fiq.c b/arch/arm/kernel/fiq.c
index fc7920288a3d..918875d96d5d 100644
--- a/arch/arm/kernel/fiq.c
+++ b/arch/arm/kernel/fiq.c
@@ -89,7 +89,8 @@ void set_fiq_handler(void *start, unsigned int length)
 
         memcpy(base + offset, start, length);
         if (!cache_is_vipt_nonaliasing())
-                flush_icache_range(base + offset, offset + length);
+                flush_icache_range((unsigned long)base + offset, offset +
+                                   length);
         flush_icache_range(0xffff0000 + offset, 0xffff0000 + offset + length);
 }
 
diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig
index db5c2cab8fda..cd2c88e7a8f7 100644
--- a/arch/arm/mm/Kconfig
+++ b/arch/arm/mm/Kconfig
@@ -809,15 +809,18 @@ config KUSER_HELPERS
           the CPU type fitted to the system.  This permits binaries to be
           run on ARMv4 through to ARMv7 without modification.
 
+          See Documentation/arm/kernel_user_helpers.txt for details.
+
           However, the fixed address nature of these helpers can be used
           by ROP (return orientated programming) authors when creating
           exploits.
 
           If all of the binaries and libraries which run on your platform
           are built specifically for your platform, and make no use of
-          these helpers, then you can turn this option off.  However,
-          when such an binary or library is run, it will receive a SIGILL
-          signal, which will terminate the program.
+          these helpers, then you can turn this option off to hinder
+          such exploits. However, in that case, if a binary or library
+          relying on those helpers is run, it will receive a SIGILL signal,
+          which will terminate the program.
 
           Say N here only if you are absolutely certain that you do not
           need these helpers; otherwise, the safe option is to say Y.